- From: Ahmed, Zahid <zahid.ahmed@commerceone.com>
- Date: Thu, 2 May 2002 14:35:19 -0700
- To: www-ws-arch@w3.org
The scope of "trust models" problem should include: 1) Management of trusted CA roots that may be embedded or accessible in web services applications and client devices. 2) Exchange of authorization data, e.g., signed or trusted assertions. W.r.t. #1, there is the X-TASS/XKMS specification: http://www.xmltrustcenter.org/research/docs/Xtass.pdf http://www.xmltrustcenter.org/xkms/docs/XKMS_1.1.pdf W.r.t. #2, there is the OASIS SAML v. 1.0 specification and possibly posisbly the WS-Security spec: http://www.oasis-open.org/committees/security/ Zahid Ahmed -----Original Message----- From: David Booth [mailto:dbooth@w3.org] Sent: Thursday, May 02, 2002 12:40 PM To: www-ws-arch@w3.org Subject: D-AR006.9 - "baseline for trust models" >"D-AR006.9 The security framework document SHOULD recommend a baseline for >trust models." I think this needs clarification. I don't know what "a baseline for trust models" means. -- David Booth W3C Fellow / Hewlett-Packard Telephone: +1.617.253.1273
Received on Thursday, 2 May 2002 17:35:31 UTC